Hello All. We have a number of Windows 10 workstations running ENS 10.7 on standalone workstations. There is no network connectivity to these machines and there is no ePo server. We manually update the virus definitions using the V3 .dat file but that doesn't update Exploit Prevention. Does anyone have experience running ENS 10.7 or a similar version in standalone mode and if so, how did you manually update the Exploit Prevention component?
Thank you for your post.
You can follow the below KB article.
Create a "Repository" on local machine from ENS common policy.
Download the mentioned files and place them in a "Repository" on the local machine.
Run an update task (defined to use the mentioned repository and to update EP).
This will update the EP Content that you've downloaded and placed in that folder.
Hope this helps!
Sorry for the late reply. I haven't been able to try this yet but hope to get to it within the next day. One thing I'm not clear on though. The procedure you referenced has steps that require the ePo server but the system I'm having issues with are all standalone so we don't have the ePo server. Did you reference that KB article just so I could get the list of files to download in order to create a local repository? If so, then I can ignore the ePo steps, correct? if I need the ePo then this solution will not work for me.
Thanks for the help.
So I tried the solution you suggested but it didn't work. In a nutshell, I kept getting a "can't find a valid repository" error. Here are the steps I followed:
1. created a local folder on the system named c:\ExploitPrevention.
2. On a separate machine with internet access, downloaded the files referenced in the link you sent: endpoint_detect.msc, endpoint_install.mcs, exp_20210805_1162_endp_owm_100.zip, package_catalog.z. Then transferred the files onto the standalone workstation into c:\ExploitPrevention
3. opened ENS admin console. clicked the down arrow in the upper right corner and selected Settings.
4. With Common selected on the left, clicked Show Advanced on the right. Scrolled down near bottom to Source Sites for Updates section and clicked Add.
5. Entered name LocalRepo, left Enabled checkbox checked, in Retrieve Files From: drop down, selected Local Path. In Path: box entered the local path c:\ExploitPrevention.
6. Clicked the Use Logged-in Account checkbox then clicked OK. The Common Settings page was displayed.
7. Scrolled down to the Tasks section and clicked Add. On the Add Tasks popup, in the Name: field, entered LocalUpdateTask. In the Select Task Type: box, selected Update and clicked Next
9. In the Update Task popup, on the Settings tab, left the default of Security content, hotfixes and patches selected and clicked OK
10. The Common Settings page was displayed.
11. Select LocalUpdateTask and clicked the Run Now button.
12. At this point I got an error saying can't find a valid repository. It also said to check the update log for more details but I wasn't sure what log it was referring to. I check C:\ProgramData\McAfee\Endpoint Security\logs\PackageManager-Activity.log but that log only said to check the update log. Do you know specifically which log that is referring to?
Any ideas on what I'm doing wrong?
There is no solution to this thread. I tried the suggested solution and received the same error of "Unable to find a valid repository". I even downloaded the pre-packaged ZIP Content Update for EPO which gets imported into the repository.
Created local folder - pointed a repo at it as a local folder or also as an UNC path. Then created an update task, as mentioned by the original poster. In both cases - still just receive and error of unable to find a valid repository.
How do you update the content on a stand alone computer with no EPO server available?